The Graylog software centrally captures, stores, and enables real-time search and log analysis against terabytes of machine data from any component in the IT infrastructure and applications. The software uses a three-tier architecture and scalable storage based on Elasticsearch and MongoDB
AlertOps’ alert management system can be integrated with Graylog to receive and respond to all (predefined status mappings) alerts through email, SMS, push notification or phone alerts. AlertOps would ensure that the alert/job status would reach the appropriate team by using proper workflows, escalation policies and schedules. Based on your ruleset, incidents can be automatically opened and closed, depending on the event Graylog reports.
The above scenario and scope for integration is due to the fact that AlertOps has a very flexible and simple API/Webhook configuration feature that can be leveraged with Graylog’s event creation and notification capabilities.
You can send alerts from Graylog to AlertOps.
- AlertOps will automatically create an incident when a new alert is received from Graylog when the priority field contains “3/4”.
- If an alert with status “3/4” matches an existing Open Alert, AlertOps will recognize the new alert as a duplicate and ignore the alert.
- The alert will be recorded in the Inbound Messages table as “Mapped Appended.”
- AlertOps will automatically close the same incident when an alert with error^status contains ‘1/2’.
These are examples of just some of the things you can do with Graylog and AlertOps.
